Well… that was fast. It was only a few days ago that we learned Koushik Dutta would be making his next project a superuser app for rooted devices. Chainfire’s SuperUser app is great, but it’s not open-sourced. Chainsdd’s app is open-source, but rather outdated. Koush made it his job to bring an updated, modern, and open-sourced version of the app that enables us to do all sorts of cool things with our phones.
The deed has already been done, and he’s calling the result Clockworkmod SuperUser. The app brings us a lot of cool features. For starters, there’s support for Android 4.2 tablets’ multiple user profiles, advanced logging features, PIN protection, support for both X86 and ARM architectures, customized notifications, and more.
One big feature Koush is trying to push is a new Android permission — android.permisison.ACCESS_SUPERUSER — that will let users (and the Superuser app) know if an app has code that is going to request superuser access. The change will be purely cosmetic at first, but the plan is make it so that the app will automatically deny apps superuser permission if that app doesn’t have the permission declared. Here’s a better explanation from the man himself:
Android has a way for apps to create and request various permissions via the AndroidManifest.xml file. This is how the list of permissions and features shown in an app’s Google Play description is generated. Superuser should definitely be listed there. But currently, no such permission exists to be enforced, which is a terrible precedent:
You can download an app, and without your prior knowledge it can request Superuser access.
After talking with +Ricardo Cerqueira about this, we’ve decided on a strategy to ramp up and start enforcing this good practice.
0) Add a new permission with the Superuser, “android.permission.ACCESS_SUPERUSER”.
1) The new Superuser will simply warn that the developer is not declaring “android.permission.ACCESS_SUPERUSER” in the manifest. (as seen below)
2) Add an option to Superuser to automatically deny Superuser access to apps that do not have this declared.
3) After 6 months, this option is enabled by default.
4) After 1 year, this is no longer optional (always on).
This is an insanely trivial change for an app to make, and will assist with the transparency of root apps on the market. So there’s really no excuse for the developer not to do it!
It’s all about security and transparency, folks, and we like it that way. The app is in beta form for now so not everything will be working or enabled, and you may run into some bugs, but the project is already very far along and if development on Carbon — Koush’s apps backup utility — is anything to go by, you can expect very fast development time here.
Folks interested in trying this superuser app out will want to head to the ClockworkMod section in ROM Manager or download the .zip file and flash it manually in recovery. Koush says the app will eventually be available in APK form, but he has yet to implement the installation and upgrade process that will allow you to install it in one click. More details can be found at his Google+ posts here and here. Let us know how you’re liking it if you end up giving it a shot!
[Thanks to everyone who sent this in!]